In a protected intranet site, it is desirable that a local area network (LAN) be provided with two or more service classes. One of the service classes could be a broad service class which could permit access to the LAN, the internet and an intranet containing the LAN. Other service classes would limit access to one or more of the LAN and the intranet In a LAN, a user is assigned a workplace location identified by a LAN address (MAC) and logical address (IP). Based on the user's personal identification (ID) on the intranet, the MAC and IP addresses are assigned a level of access to the networks and the information in them. However, this mode of protection can be defeated by a procedure called “Spoofing” where a user masquerades as someone else on the intranet and bypasses several levels of security. An example of spoofing would be to change a LAN work station location from one physical address and/or logical address to another after access has been obtained for the work station.
Therefore it is an object of the present invention to improve network security and/or accessibility in security in secured intranet work sites.
It is further an object of the present invention to provide increased security protection for such intra work sites by unauthorized users using insecure work site.